A new wave of ransomware attacks is targeting VMware ESXi, an enterprise-class, type-1 hypervisor. According to the Computer Emergency Response Team of France, a patch for CVE-2021-21974 was released on February 23, 2021. The vulnerability is a heap overflow in OpenSLP that could allow malicious actors to execute arbitrary code. The intrusions have been detected globally, with a focus on Europe, and are thought to be linked to a new Rust-based ransomware strain called Nevada. To protect against potential threats, users should upgrade to the latest version of ESXi and restrict access to OpenSLP to trusted IP addresses. Heimdal® offers a Ransomware Encryption Protection module that provides customers with an integrated cybersecurity suite and is 100% signature-free and universally compatible with any antivirus solution. To learn more about ransomware prevention and mitigation, readers can check out Heimdal's in-depth articles.
This Cyber News was published on heimdalsecurity.com. Publication date: Mon, 06 Feb 2023 11:25:02 +0000